Overview
Certified Penetration Tester is a hands-on deep-dive training and certification programme that enables the participants to handle vulnerability assessments and penetration tests for their customers.
Skills Covered
- Understand all Latest Attacks and their entry points
- Learn how to conduct vulnerability assessment on networks and systems
- Learn ways to harden networks and systems therefore securing corporate infrastructures
- Learn exploit techniques on Network, Web, WiFi, and Mobile infrastructure
- Prepare and submit Vulnerability Assessment & Pentest reports
Who Should Attend
- Network administrators
- Network executives
- Security professionals who insterested in conducting vulnerability assessment and penetration test for their customers.
Course Curriculum
Prerequisites
A ready-to-learn attitude is a must, and an analytical mind is definitely a huge plus. Network and IT Software systems background would be an advantage.
Download Course Syllabus
Course Modules
- Vulnerability Exploit, Payload, Listener
- Vulnerability Assessment Vs. Penetration Testing
- Types of Vulnerabilities Vulnerability Research Sources for Penetration Testers, Exploits and
- Tools sources for Penetration Testers, Commercial Tools for Penetration Testers, Penetration Testing Methodologies and Penetration Test Report Template
- Latest Attacks – Demos
- Passive Information Gathering
- Information intelligence and Map the Customer organization
- Information intelligence and Map the infrastructure of the Target
- Scanning Types & Scan Options
- NMap Scanning
- Ninja & Non-Ninja Scan types
- Multiple IP Addresses scanning
- Host Discovery
- Ping & Port Scanning
- OS Fingerprinting & Service Enumerations
- NMap Scripts
- Host Scanning : Bypassing Firewalls
- Decoys
- ZenMap
- Netcat Fingerprinting
- Nessus : Vulnerability Scanning & Reporting
- NeXpose : Vulnerability Scanning & Reporting
- OpenVAS
- MiTM Concepts & Attacks
- Password Cracking
- Brute Force Tools : Hydra, Medusa
- Crunch Password generator
- FTP Credential cracking
- Telnet Brute Force
- SSH Login Brute Force Attack
- Password cracking with John the Ripper
- Social Engineering Attacks : Java Applet Attack Vectors, Infectious Media Generator, Credential Harvester Attack Method, Spear-Phishing Attack Method and many more
- Metasploit Framework Concepts
- Metasploit Community & Armitage
- Metasploit Exploitations : Dump Password Hash, Capture Screenshots, Capture Keystrokes,
- Privilege Escalation, Pivoting, ARP Scan, Stdapi and Priv, Persistence and Backdoors
- (Maintaining Access), Cover Tracks, Post Exploitations.
- Anti-Virus Evasion Framework and Methods
- Netcat Exploitations
- Backdoor using msfvenom & Netcat
- Advanced Exploitations using PowerShell
- USB Based exploitation on Win 7 & Win 10
- Pentest Reporting
- PowerShell Basics
- PowerShell Log Analysis
- PowerShell Malwares to evade Defenses
- Web Application Basics
- Web Application Fingerprinting
- Payment Gateway & Order Tampering
- Labs on OWASP TOP 10 Vulnerabilities and its sub categories using Mutillidae, DVWA [SQL Injection, Cross Site Scripting, Cross Site Request Forgery, LDAP Injection, Command Injection, Parameter/Form Tampering, Payment Gateway hacking, Improper Error Handling, Directory Traversal, Insecure storage, Information Leakage, Broken Account Management, Denial of Service, Buffer Overflow, Broken Session Management, Session Fixation, Security Misconfiguration, File Upload and Download and many more ]
- Pentest Reporting
- Introduction on WEP, WPA, WPA2
- Wireless cracking with Reaver
- Uncovering hidden SSIDs
- WiFi Twining Attacks
- WiFi Pineapple based attacks
Request More Information
Training Options
- VILT: Virtual Instructor-Led Training
- ILT: Instructor-Led Training
RM5,500.00Enroll Now
RM5,500.00Enroll Now
Exam & Certification
Certified Penetration Tester.
Training & Certification Guide
- Exam Platform : KALAM
- Exam Format : Multiple Choice Question (MCQ)
- Exam Questions : 50 Questions
- Exam Duration is : 90 Minutes
- Exam Pass Mark : 70%
- Exam Fees : Inclusive in the Course Fees
- Free Add-on : Free Membership access to KALAM Cybersecurity Collaboration & Community Skills Validation Platform
Frequently Asked Questions
The exam voucher validity is 6 months, you can take exam within 6 months from your course date. We recommend you to take the exam at the earliest.
A professional in 5 days is just a marketing gimmick. We get you started with the right knowledge and assist you through the process of achieving professionalism after the class with mentoring and guidance through our Community Ecosystem platform, KALAM.
CCTIA: Certified Cyber Threat Intelligence Analyst
Threat Intelligence enables Businesses to provide the best possible defense against the most probable threats. This course introduces attendees with the basics concepts of Threat Intelligence and take them thru the entire process of setting up a Threat Intel Platform using MISP to consume all the intelligence from around 80+ global community feeds and also enables the attendees to share intelligence on malwares and attacks back to the community.
CSOCA: Certified Security Operation Center (SOC) Analyst
A security operations centre (SOC) is a facility operating 24 x 7 x 365, where enterprise information systems (data centres, servers, networks, desktops and other endpoints) are monitored, assessed, and defended around the clock. SOC Analysts are the backbone for the operations of a SOC. This course prepares you to be ready for the real-world challenges of a SOC Analyst.
CRTP: Certified Red Team Professional
The CRTP: Certified Red Team Professional course focuses on “offense-in-depth”, the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.
CRTP immerses students in a single simulated enterprise environment, with multiple VMs, up-to-date and patched operating systems, and defenses. In keeping with the assumed breach mentality, the course provides detailed attacker tradecraft post initial access, which includes performing host situational awareness and “safety checks”, escalation privileges locally, breaking out of the beachhead, performing advanced lateral movement, escalating in Active Directory, performing advanced Kerberos attacks, and achieving red team objectives via data mining and exfiltration.
CSD: Certified Secure Developer
This course aims to help developers become skilled in writing secure code, regardless of the programming language they use. Many developers have a desire to write secure code but lack the necessary knowledge to do so. This course is designed to bridge that knowledge gap and turn developers into secure developers.